Privacy

WhatsApp has hit strides in India, becoming the most popular messaging app, partially due to its simple user interface and its end to end secure encryption.

European Union has come down harshly over privacy concerns for users of popular social media platform WhatsApp. This came in wake of WhatsApp not resolving the concerned authorities’ concerns over the popular apps’ sharing of user data with its parent company Facebook, even a year after it was first issued a warning.

WhatsApp has hit strides in India, becoming the most popular messaging app, partially due to its simple user interface and its end to end secure encryption. WhatsApp changed its privacy policy in mid last year and started sharing users’ phone numbers and their other information of personal nature with Facebook without a proper memo that informs the users of this face. This act drew widespread criticism and regulatory scrutiny across Europe and Asia, and WhatsApp for a time suspended the data sharing for EU users only. Asia still lags behind when dealing with issues concerning cyber security and privacy.

EU data protection authorities, however, taking strict actions, said in a letter, sent to WhatsApp on Tuesday 24th Oct and published on Wednesday, that the company had still not resolved their concerns about sharing user data without their prior consent.

The authorities have noted that the information given to users about the privacy policy update by WhatsApp was highly ambiguous and seriously deficient considering it was related to getting their consent.

The Authorities noted that while there is a balance to be found and regualted between presenting the user with too much of the information and not enough information, the initial alert made no mention at all of the crucial information users needed. They were unable to make an informed choice, and simply clicked the agree button that resulted in their personal data being shared with the company of Whatsapp, i.e. Facebook and its family. This information can be now shared with other partner websites and can be used to present the users with targeted advertisements.

The data protection authority of Ireland, which has final jurisdiction over Facebook in the European Union because the company has its European headquarters in Dublin, said that in April it had hoped to reach a deal over the issue of data sharing with WhatsApp and the partner websites. A WhatsApp spokesperson said that, they have engaged previously with other data protection authorities to explain how their terms and privacy policy update applies to those people who use WhatsApp in Europe. They also said that they remain committed to respecting the applicable law and will continue to work with concerned officials in Europe to address the questions over privacy.

The data protection authorities also raised concern over the argument of users’ consent not being given as freely as WhatsApp claimed. WhatsApp had effectively adopted a ‘take it or leave it approach.’ This ends in users either giving their `consent’ to the sharing of their data or they are from then on unable to avail themselves of WhatsApp’s messaging services.

A new European Union data protection law will come in force in May 2018, which will give regulators the power to fine companies up to 4% of their global turnover for violating the cyber privacy laws.

What we need in India and other Asian countries is a similar outcry for cyber privacy and enactment of strict laws to protect the interests of users on a regular basis.